The Cybersecurity Landscape of 2023: Emerging and Ongoing Challenges
As soon as the pandemic came to an end, the world has been facing a series of new challenges and disruptions. Factors like global economic stagnation and political conflicts have impacted both government organizations and enterprises, making them more vulnerable to cyberattacks. Here are some emerging and ongoing challenges in cybersecurity in 2023.
The Rise of Offensive Artificial Intelligence
In December 2022, the world was stunned by ChatGPT, the most advanced AI chatbot ever released for public use, known for its human-like natural language capabilities. As people witnessed the chatbot’s ability in writing natural language and code, many worried about the technology’s potential of being exploited for malicious purposes.
In fact, the threat of AI being used for cyberattacks isn’t limited to ChatGPT. Today’s AI is highly capable of creating malware and generating personalized phishing messages. Many advanced persistent threats (APT) have been utilizing AI-based tools to scan for vulnerabilities in targeted systems, or to deploy social engineering and phishing attacks on a large scale.
Although the use of AI in cyberattacks is concerning, these attacks aren’t undefendable. Cybersecurity providers, including Penta Security, have long adopted AI for uses in vulnerability scanning, threat detection, and continuous monitoring. Its next-generation web application and API protection (WAAP) tool WAPPLES, uses AI-generated logic-based rules to detect all kinds of new attacks and variants of existing attack patterns.
More Social Engineering and Phishing Attacks
In any IT network, humans are the biggest vulnerability. Whereas system and software flaws can be easily corrected with patches, the potential for human error and misjudgment always exists. Since human-related risks are higher in large corporations and organizations with high employee turnover rates, more and more threat actors are now exploiting human errors to gain entry into IT networks. As a result, social engineering and phishing campaigns are becoming increasingly common and sophisticated. In 2022, the LAPSUS$ hacker group used phishing techniques to breach multiple large corporations including NVIDIA, Samsung, and Microsoft.
Educating employees on cybersecurity awareness and ways to identify phishing is an effective method to minimize the risk of social engineering and phishing attacks. For large organizations, such training should be incorporated into the employee onboarding and offboarding processes. Taking the precaution of setting up muti-factor authentication (MFA) can also decrease the risk of account takeover due to phishing.
Ongoing State-Sponsored Cyberwarfare
Since the war between Ukraine and Russia broke out a year ago, state-sponsored cyberattacks between hostile countries have been at an all-time high, leading to an ongoing threat to government agencies, critical infrastructure operators, and financial institutions. Different from most financially motivated hackers, state-sponsored threat actors tend to prioritize on causing damage and disruptions rather than seeking financial returns. A wide range of attacks can be observed, from those as simple as DDoS and website defacement, to more sophisticated operations involving malware, data wipers, and infiltration.
From Ransomware to Data Extortion
Given a slowing global economy, financially motivated threat actors will likely become more active in 2023. Elite ransomware-as-a-service (RaaS) operators are becoming more sophisticated and professional. By leasing ransomware deployment tools to third-party affiliates, these RaaS operators can stay relatively safe from law enforcement while making it easier than ever for new affiliates to join. Targets preferred by ransomware operators include critical infrastructure operators, hospitals, schools, and manufacturing and retail supply chains.
The main tactic of ransomware operators has also shifted from encryption to data exfiltration. In fact, ransomware gangs today are gradually deviating from relying on ransomware and turning into data extortion groups. In some cases, the intruders do not even attempt to negotiate with the victim but instead post the data they steal directly online for sale. More data extortion attacks are expected in 2023, making cybersecurity measures crucial.
Software-Defined Vehicles
Connectivity is no longer limited to the conventional fields of IT, making the boundary between online and offline increasingly blurry. More and more consumer goods are becoming digitalized and connected, with automobiles becoming the next big consumer technology. Given that mobility tech innovations make up most of the headlines at CES 2023, software-defined vehicles (SDV) are set to transform the tech industry and the cybersecurity landscape.
From the massive operation shutdown of Toyota, to the “Kia Challenge” car theft campaign leading to 14 reported crashes and eight fatalities, the mobility and transport sector is indeed becoming a new target of cyberattacks. Throughout 2023, automotive OEMs and tier suppliers must enhance their cybersecurity measures to prepare for more sophisticated attacks against vehicles and production facilities.
For more information on security implementation, check out Penta Security’s product lines:
Web Application Firewall: WAPPLES
Database Encryption: D’Amo
Identity and Access Management: iSIGN+
Automotive, Energy, Industrial, and Urban Solutions: Penta IoT Security